kind: StatefulSet
apiVersion: apps/v1beta1
metadata:
  name: {{ include "ceph-csi-rbd.provisioner.fullname" . }}
  labels:
    app: {{ include "ceph-csi-rbd.name" . }}
    chart: {{ include "ceph-csi-rbd.chart" . }}
    component: {{ .Values.provisioner.name }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  serviceName: {{ include "ceph-csi-rbd.provisioner.fullname" . }}
  replicas: {{ .Values.provisioner.replicas }}
  selector:
    matchLabels:
      app: {{ include "ceph-csi-rbd.name" . }}
      component: {{ .Values.provisioner.name }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
        app: {{ include "ceph-csi-rbd.name" . }}
        chart: {{ include "ceph-csi-rbd.chart" . }}
        component: {{ .Values.provisioner.name }}
        release: {{ .Release.Name }}
        heritage: {{ .Release.Service }}
    spec:
      serviceAccountName: {{ include "ceph-csi-rbd.serviceAccountName.provisioner" . }}
      containers:
        - name: csi-provisioner
          image: "{{ .Values.provisioner.image.repository }}:{{ .Values.provisioner.image.tag }}"
          args:
            - "--csi-address=$(ADDRESS)"
            - "--v=5"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.provisioner.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
{{ toYaml .Values.provisioner.resources | indent 12 }}
        - name: csi-snapshotter
          image: {{ .Values.snapshotter.image.repository }}:{{ .Values.snapshotter.image.tag }}
          imagePullPolicy: {{ .Values.nodeplugin.plugin.image.imagePullPolicy }}
          args:
            - "--csi-address=$(ADDRESS)"
            - "--connection-timeout=15s"
            - "--v=5"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          securityContext:
            privileged: true
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
          resources:
{{ toYaml .Values.snapshotter.resources | indent 12 }}
        {{ if .Values.attacher.enabled }}
        - name: csi-attacher
          image: "{{ .Values.attacher.image.repository }}:{{ .Values.attacher.image.tag }}"
          args:
            - "--v=5"
            - "--csi-address=$(ADDRESS)"
          env:
            - name: ADDRESS
              value: "{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.attacher.image.pullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
        {{ end }}
        - name: csi-rbdplugin
          securityContext:
            privileged: true
            capabilities:
              add: ["SYS_ADMIN"]
            allowPrivilegeEscalation: true
          image: "{{ .Values.nodeplugin.plugin.image.repository }}:{{ .Values.nodeplugin.plugin.image.tag }}"
          args :
            - "--nodeid=$(NODE_ID)"
            - "--endpoint=$(CSI_ENDPOINT)"
            - "--v=5"
            - "--drivername=$(DRIVER_NAME)"
            - "--containerized=true"
            - "--metadatastorage=k8s_configmap"
          env:
            - name: HOST_ROOTFS
              value: "/rootfs"
            - name: DRIVER_NAME
              value: {{ .Values.driverName }}
            - name: NODE_ID
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: CSI_ENDPOINT
              value: "unix:/{{ .Values.socketDir }}/{{ .Values.socketFile }}"
          imagePullPolicy: {{ .Values.nodeplugin.plugin.image.imagePullPolicy }}
          volumeMounts:
            - name: socket-dir
              mountPath: {{ .Values.socketDir }}
            - name: host-rootfs
              mountPath: "/rootfs"
          resources:
{{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }}
      volumes:
        - name: socket-dir
          emptyDir: {}
#FIXME this seems way too much. Why is it needed at all for this?
        - name: host-rootfs
          hostPath:
            path: /
    {{- if .Values.provisioner.affinity -}}
      affinity:
{{ toYaml .Values.provisioner.affinity . | indent 8 }}
    {{- end -}}
    {{- if .Values.provisioner.nodeSelector -}}
      nodeSelector:
{{ toYaml .Values.provisioner.nodeSelector | indent 8 }}
    {{- end -}}
    {{- if .Values.provisioner.tolerations -}}
      tolerations:
{{ toYaml .Values.provisioner.tolerations | indent 8 }}
    {{- end -}}